How to Fix 13 Common IT Problems on Small Law Firm Networks


It’s easy to hyper-focus on growing your law practice while overlooking critical housekeeping details. Everyone gets distracted. Many attorneys have computer network problems that undercut their mission, but the symptoms aren’t as glaring as my Nest mismanagement example. Here’s a quick review of 13 fixes for 13 common problems. If you have an IT provider, they can help you with each initiative.


Fix IT Problem #1 – Install a business-class firewall

We’ve seen a lot of small law practices with prosumer firewalls. Prosumer means the device has basic professional capabilities at a lower, consumer-friendly price point. Other law firms use firewalls provided by their internet service provider.

Both devices are difficult to monitor, manage, and update remotely. And there’s a good chance they’re not being managed and, therefore, require periodic manual intervention.

These factors leave your network wide open to security breaches. That’s why we recommend a business-class solution from Cisco, Cisco Meraki, Fortinet, Palo Alto Networks, or Watchguard.

Learn More: Best Firewalls for Business


Fix Item Problem #2 – Protect your data with Managed Backup and Disaster Recovery (BDR)

A lot of small businesses cut corners on BDR. Like our firewall example, prosumer backup devices and free cloud services are everywhere.

Both options have single points of failure, remote management limitations, data volume constraints, and performance drawbacks.

A business-class solution has benefits that include but is not limited to:

  • Secure onsite backup to an appliance every fifteen minutes
  • Offsite data replication in multiple SOC2 TYPE 2 clouds
  • Nightly test restores
  • Integration with Microsoft 365 (Office, Outlook, SharePoint, and OneDrive)

The last bullet point warrants special attention. Why? Your data is not automatically backed up and retained indefinitely by Microsoft.

Which solution is right for you? The answer depends on two factors defined by Acronis, a global leader in cyber protection.

  • Recovery Point Objective or RPO generally refers to the amount of data that can be lost within a period most relevant to a business before significant harm occurs, from the point of a critical event to the most preceding backup.
  • Recovery Time Objective or RTO often refers to the quantity of time that an application, system and/or process, can be down for without causing significant damage to the business as well as the time spent restoring the application and its data.”

You will pay more for a BDR solution if you can’t afford to lose any data or operating time. Conversely, if your requirements are less stringent, you will pay less.

Learn More: RPO versus RTO and Office 365 Backup


Fix IT Problem #3 – Implement Multi-Factor Authentication (MFA)

MFA is a quick security win that won’t break the bank. This simple supplemental checkpoint prompts users to take an additional step for identity verification.

Within seconds of entering login credentials into a secure website, a pop-up asks the user to submit an instantly generated code that arrives via text, email, or voice.

Even if cyber thieves steal your email address and passwords, it’s nearly impossible for them to intervene unless they also have your cellphone.

Learn More: Implementing MFA


Fix IT Problem #4 – Deploy internet content filtering to enhance security

Content filtering blocks access to any websites that pose a security threat, distract your employees or create a legal liability if X-rated material is accessed and shared on your network.

While free solutions are better than nothing, a small investment in a professional solution will ensure productivity and help you maintain compliance. 

Popular vendors in this space include DNSFilter, Cisco Umbrella, WebTitan Cloud, and McAfee Web Gateway Cloud Service.

Learn More: Top Content Filtering Solutions


Fix IT Problem #5 – Remove administrative rights for end users

Corporate networks need policies that separate administrator rights from user rights. Many small business computing environments are wide open for the wrong parties to access and misconfigure settings.

Back to my Nest example: if I had children, they would be free to adjust the thermostat, but they would have permission to control the entire HVAC system from the Nest application on my cellphone or any other device.

The same rules apply to servers, switches, backup devices, workstations, and every other endpoint in your network.


Learn More: User Access Control and Permissions

Fix IT Problem #6 – Strengthen identity management with Microsoft Active Directory (AD)

Some organizations use Microsoft 365 (M365) in the cloud, but it’s not integrated with their local area network. This misalignment creates two issues:

  • It requires users to employ two sets of credentials.
  • It’s impossible to enforce a password policy.

Microsoft AD unifies the local computer network with M365 in the cloud. This integration improves the user experience because it allows employees to reach the entire network through a single entry point.

AD also simplifies the global administration of security updates and facilitates the easy addition and subtraction of new apps in the Microsoft Cloud.

Learn More: Microsoft Cloud AD


Fix IT Problem #7 – Upgrade or replace physical end-of-life servers and Uninterruptible Power Supplies (UPS)

Every piece of technology in your environment has an expiration date, AKA end-of-life inflection point. Cloud alternatives for file sharing and storage should be top of mind when a server is approaching its fourth birthday.

The expression “software is eating the world” is more relevant than ever. Fewer and fewer application developers want to be in the commodity hardware business when it’s easier and more profitable to create innovative subscription services. 

Aging hardware depreciates like a car, loses its performance edge, and gets more expensive to support.

We recommend migrating end-of-life applications and aging hardware to cloud-based alternatives. 

However, you can’t get rid of every last appliance. You still need a sturdy network foundation to avoid losing power and data.

Upgrade, replace, and refresh your tech regularly, especially the UPS.

Learn More: The Biggest Benefit of Tech Refreshes and The Technology Lifecycle


Fix IT Problem #8 – Adopt next-generation Antivirus (AV) protection

Traditional definition-based AV is no match for the endless stream of sophisticated cybersecurity threats. Definition-based means the system “only knows what it knows.” 

It’s even less effective when installed and managed locally on workstations.

Next-generation AV monitors and manages new viruses and outbreaks across the enterprise through a central server. This administrative approach has two significant benefits:

  • Real-time alerting and updates
  • The ability to apply the same configuration to all endpoints

Learn More: Next-Generation Antivirus


Fix IT Problem #9 – Adjust permissions across the network

Some organizations have networks that allow every user to access every file in the enterprise.

This wide-open network permission policy (or lack thereof) is a recipe for disaster. Internal users may accidentally stumble upon a co-worker’s medical history, a HIPAA violation.

And external parties may infiltrate your primary file shares after someone clicks on a phishing email. This action may lead to the theft of confidential client data.

Active Directory is an excellent vehicle to create and apply user and role-based permissions for everyone with access to the network. AD allows IT administrators to govern according to the principle of least privilege or POLP.

In short, POLP is the practice of limiting access rights for users to the bare minimum permissions needed to perform their specific responsibilities.

For example, an attorney has permission to read, write, or execute files in folders A, B, C, D, and E, while a paralegal’s permissions are limited to resources in A and B.

The same logic restricts access rights for applications, systems, processes, and devices.

Learn More: The Principle of Least Privilege (POLP)


Fix IT Problem #10 – Introduce a Cybersecurity Awareness Training Program

Over 95% of all data breaches are due to human error. Despite all the advances in protective technology, employees routinely click on malicious links and open pdf “Invoices” attached to emails.

There’s a simple solution: institute ongoing cybersecurity awareness training. This program allows you to educate, assess with ethical phishing, train, and retest your entire team throughout the year.

And the per-user pricing for basic packages is less than the cost of five Grande Café Lattes.

Learn More: Cybersecurity Awareness Training


Fix IT Problem #11 – Segment your network

Your corporate network should be separate from your guest network. Why? You don’t want a client using the Wi-Fi in your conference room to access your QuickBooks files.

Wi-Fi has other risks. Armed with laptops and hacking software, cyber thieves in the parking lot can penetrate unsecured Wi-Fi networks. 

Once they land and expand, they’ll do a lot more damage than a client who accidentally stumbled upon your accounts payable ledger.

We recommend a virtual local area network or VLAN. For example, your corporate network is on VLAN One, and your guest Wi-Fi is on VLAN Two.

Learn More: How VLANs Work


Fix IT Problem #12 – Implement Mobile Device Management (MDM)

When your employees use personal devices like tablets, laptops, and smartphones, your corporate assets need an extra layer of protection. Without digital boundaries, it’s easy for third-party apps to open windows that allow threat actors to steal personal identifying information (PII) and more.

Even the innocent act of allowing your five-year-old to play around with your iPhone could lead to a data breach or an accidental and inappropriate text message to one of your friends.

Good news: MDM is available as a cost-effective add-on within M365. Now it’s more convenient than ever to monitor, manage, and support every mobile device in your digital estate.

Learn More: Intune Mobile Device Management


Fix IT Problem #13 – Get a secondary, failover internet connection

A “Plan B” applies to every endeavor in life, especially internet access. Combining a premium fiber connection with a lower-cost cable circuit gives you increased redundancy, stability, and performance.

One internet connection is not enough!

Many organizations love the reliability of fiber and the speed of cable internet. It’s common to use cable as the lead connection due to its faster download properties. Then, if the cable circuit has throughput issues or drops, automatic settings on the firewall reroute the traffic to the fiber circuit.

Traffic can also be load-balanced to shift between the two internet connections. This feature means users always get the fastest path.

Learn More:  Secondary ISP Best Practices


How do you activate all of these IT fixes?

Unlike townhouse owners who take forever to understand the nuances of their Nest application, law firms with fewer than ten employees and other SMBs have a host of local MSP options.

My sleep, quality of life, and productivity took a hit for four years. And there was only one root cause. Your network is much more complex, which means a variety of gaps could be making your business life more complicated and risky than necessary.

A best-in-class MSP can assess, document, and make recommendations that have an immediate impact on your growth trajectory. They can also monitor, manage, secure, and support all moving parts for a fixed monthly fee.

Finally, the MSP can bundle managed firewalls, data backup devices, MFA, content filtering, cybersecurity awareness training, MDM, internet access, and more into the mix.

Learn More: IT Support for Law Firms

Jed is a Solution Advisor at Integris who has specialized in MSP solution development, sales, and marketing communications since 2003.

Keep reading

Retainers for vCIOs and vCISOs: A Comprehensive Guide

Retainers for vCIOs and vCISOs: A Comprehensive Guide

If you're running an IT department at a small to mid-size company, you know— the demands on your infrastructure are greater than ever. Cyber threats are growing at an alarming pace, primarily fueled by the accessibility of AI to hackers. Cloud productivity, system...

Hot Topics for Cybersecurity in 2024

Hot Topics for Cybersecurity in 2024

As we go into 2024, Cybercrime now accounts for $8 Trillion US dollars—enough to make it the third largest "economy" after the US and China.   As scary as that number is, it is the downstream effects of Cybercrime that are so serious. Hacked businesses experience the...

How to Navigate the Cybersecurity Workforce Shortage

How to Navigate the Cybersecurity Workforce Shortage

Cybersecurity stats are in for 2023, and the numbers aren’t pretty. Ransomware attacks are up by 95 percent over 2022, according to the latest analysis by Corvus, a cyber risk insurer. With the inevitable rise in attacks coming in election year 2024, it’s enough to...